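# Base OS preparation for a CentOS 7 host. Run as root.
# Paths are absolute so the steps do not depend on the current directory.

# Coloured root prompt: time, user@host, working directory.
echo "PS1='\033[1;33m\t \033[1;33m[\u@\H] \033[1;35m\w\033[0;0m\n#'" >> /root/.bashrc
. /root/.bashrc
# Remove the kickstart file left behind by the installer.
rm -f /root/anaconda-ks.cfg
yum -y install epel-release

# for Proxy to load faster
# NOTE(review): every later yum/rpm/curl call in this shell goes through this
# plain-HTTP proxy. Integrity of what is installed then rests on RPM GPG checks
# and on TLS to the origin, so confirm the proxy is one you operate and unset
# the three variables once the installation is finished.
export http_proxy=http://122.155.12.248:38080/
export https_proxy=http://122.155.12.248:38080/
export ftp_proxy=http://122.155.12.248:38080/

# For Physical Server
yum -y install htop dmidecode wget screen net-tools snmpd net-snmp-utils perl \
  perl-libwww-perl vim sysstat iftop zip unzip iptstate yum-utils nc lsof net-snmp \
  ntp bash-completion curl bridge-utils bind-utils nfs-utils telnet bzip2 pciutils \
  git perl-core ipmi qemu-guest-agent deltarpm

systemctl start ipmievd.service
systemctl enable ipmievd.service
systemctl stop NetworkManager
systemctl disable NetworkManager
yum -y erase NetworkManager
systemctl stop postfix
yum -y remove postfix
systemctl stop chronyd
yum -y remove chrony
# With firewalld removed, packet filtering depends entirely on the iptables
# script installed as /root/firewall.sh. The pattern is quoted so that yum,
# not the shell, expands it.
yum -y remove 'firewalld*'

# sshd config
sed -i '/Defaults requiretty/c #Defaults requiretty' /etc/sudoers
# Validate the edited sudoers file; a syntax error here can lock out sudo.
visudo -c
sed -i '/#UseDNS yes/c UseDNS no' /etc/ssh/sshd_config
# Restart sshd only if the new configuration parses, so a bad edit cannot
# take remote access down.
sshd -t && systemctl restart sshd

# set NTP
sed -i '/server 0.centos.pool.ntp.org iburst/c server 202.170.119.19' /etc/ntp.conf
sed -i '/server 1.centos.pool.ntp.org iburst/c server 202.170.119.9' /etc/ntp.conf
sed -i '/server 2.centos.pool.ntp.org iburst/c server 103.246.188.99' /etc/ntp.conf
sed -i '/server 3.centos.pool.ntp.org iburst/c #' /etc/ntp.conf
systemctl enable ntpd
systemctl restart ntpd

# set SELINUX=permissive
# The persistent setting now matches this heading and the runtime
# `setenforce 0`; the original wrote SELINUX=disabled. Permissive keeps
# labelling and AVC logging alive, which setroubleshoot-server (installed with
# the web stack) needs, and it allows a later move to enforcing without a full
# relabel.
# --follow-symlinks: /etc/sysconfig/selinux is normally a symlink to
# /etc/selinux/config, and a plain `sed -i` would replace the link with a
# regular file.
setenforce 0
sed -i --follow-symlinks '/SELINUX=enforcing/c SELINUX=permissive' /etc/sysconfig/selinux
sed -i --follow-symlinks '/SELINUX=enforcing/c SELINUX=permissive' /etc/selinux/config

# Update to latest version
yum -y update
echo "export EDITOR=\"vim\"" >> /root/.bashrc
echo "alias vi='vim'" >> /root/.bashrc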
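# Add Firewall script
# Writes /root/firewall.sh. The quoted 'EOF' keeps $IPT from being expanded
# while the file is written.
cat > /root/firewall.sh << 'EOF'
#!/bin/bash
# iptables script generated 2014-02-05
# http://www.mista.nu/iptables

IPT="/sbin/iptables"

# Flush old rules, old custom tables
$IPT --flush
$IPT --delete-chain

# Policies stay at ACCEPT while the rules are rebuilt, so a re-run (cron runs
# this script repeatedly) cannot cut off a live SSH session. INPUT is switched
# to DROP at the end of the script.
$IPT -P INPUT ACCEPT
$IPT -P FORWARD ACCEPT
$IPT -P OUTPUT ACCEPT

# Enable free use of loopback interfaces
$IPT -I INPUT -i lo -j ACCEPT
$IPT -I OUTPUT -o lo -j ACCEPT

# All TCP sessions should begin with SYN
$IPT -I INPUT -p tcp ! --syn -m state --state NEW -s 0.0.0.0/0 -j DROP

# Accept inbound TCP packets
$IPT -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -I INPUT -p tcp --dport 22 -s 0.0.0.0/0 -j ACCEPT
$IPT -I INPUT -p tcp --dport 80 -s 0.0.0.0/0 -j ACCEPT
$IPT -I INPUT -p tcp --dport 443 -s 0.0.0.0/0 -j ACCEPT

# Accept inbound UDP packets
# NOTE(review): SNMP is open to any source; narrow -s to the monitoring
# station's address.
$IPT -I INPUT -p udp -m udp --dport 161 -s 0.0.0.0/0 -j ACCEPT

# Accept inbound ICMP messages
$IPT -I INPUT -p ICMP --icmp-type 8 -s 0.0.0.0/0 -j ACCEPT
$IPT -I INPUT -p ICMP --icmp-type 11 -s 0.0.0.0/0 -j ACCEPT
# NOTE(review): these two open inbound NTP and DNS to any source. Replies to
# this host's own queries already match ESTABLISHED,RELATED, so the rules look
# unnecessary unless the host serves NTP/DNS - confirm.
$IPT -I INPUT -p udp -m udp --dport 123 -s 0.0.0.0/0 -j ACCEPT
$IPT -I INPUT -p udp -m udp --dport 53 -s 0.0.0.0/0 -j ACCEPT

# Default-deny inbound. With the policy left at ACCEPT the rules above filter
# nothing, and every listening service on a non-loopback address is reachable.
# Set last so the ACCEPT rules are already in place.
# NOTE(review): IPv6 is not covered by this script; if the host has IPv6
# addresses, ip6tables needs an equivalent policy.
$IPT -P INPUT DROP
EOF
# Executed by root from cron: owner-only access.
chmod 700 /root/firewall.sh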
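## Add Crontab for firewall
# Each entry is appended only if it is not already present, so re-running this
# section does not stack duplicate jobs in /etc/crontab.
# NOTE(review): output goes to /dev/null, so a failing firewall.sh is silent.
# Each run also flushes the ruleset before rebuilding it; check the loaded
# rules with `iptables -S` after the first run.
for cron_entry in \
  "@reboot root /root/firewall.sh > /dev/null 2>&1" \
  "*/7 * * * * root /root/firewall.sh > /dev/null 2>&1"; do
  grep -qxF -- "$cron_entry" /etc/crontab ||
    printf '%s\n' "$cron_entry" >> /etc/crontab
done
systemctl restart crond.service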
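## Install WebTatic for PHP 7.2
# rpm has no -y option (it never prompts), so the flag is dropped, and the
# yum command is split back onto its own line.
# NOTE(review): this adds a third-party repository straight from a URL, and
# every package it ships is then trusted by yum. PHP 7.2 is past upstream end
# of life; when reusing this runbook, pick a PHP branch that still receives
# security fixes.
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
yum -y install httpd php72w php72w-dom php72w-mbstring php72w-gd \
  php72w-pdo php72w-json php72w-xml php72w-zip php72w-curl \
  php72w-pear php72w-intl setroubleshoot-server bzip2 \
  php72w-opcache redis php72w-pecl-redis certbot certbot-apache \
  php72w-pecl-imagick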
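### config opcache
# One directive per line: an ini file cannot hold several settings on one line.
cat > /etc/php.d/opcache.ini << 'EOF'
zend_extension=opcache.so
opcache.enable=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1
opcache.enable_cli=1
EOF
#### change to 512M Memory Limit
sed -i -e 's/memory_limit = 128M/memory_limit = 512M/g' /etc/php.ini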
### Enable redis
# Start redis now and register it to start on boot.
# NOTE(review): no redis password is configured anywhere on this page, so the
# instance should listen on loopback only - confirm the `bind` line in its
# configuration.
for redis_action in start enable; do
  systemctl "$redis_action" redis
done
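## Install MariaDB
# baseurl uses https like gpgkey does: gpgcheck=1 verifies the packages, but
# the repository metadata would otherwise travel over plain HTTP.
cat > /etc/yum.repos.d/MariaDB.repo << 'EOF'
# MariaDB 10.3 CentOS repository list - created 2018-05-25 19:02 UTC
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = https://yum.mariadb.org/10.3/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
EOF
yum -y install mariadb-server php72w-mysql
systemctl enable mariadb
systemctl start mariadb
# NOTE(review): Nextcloud connects to the database over localhost. Confirm
# that mariadb is not reachable from the network (bind-address and the
# firewall rules).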
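#### Config MySQL root Pass
# Interactive: sets the root password and removes the anonymous users and
# test database.
mysql_secure_installation
#### Add nextCloud User in Mysql
# The SQL is passed to the client on stdin so the shell does not try to run it
# as commands; -p still prompts for the root password.
# Replace PASSWORD with a long random value before running. The same value is
# entered in the Nextcloud web installer and ends up in config.php.
# The account is limited to 'localhost' and to the nextcloud schema.
mysql -u root -p << 'EOF'
CREATE DATABASE nextcloud;
CREATE USER 'nc'@'localhost' IDENTIFIED BY 'PASSWORD';
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nc'@'localhost';
FLUSH PRIVILEGES;
EOF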
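#### Install NextCloud
# NOTE(review): latest-15 is an old major release that no longer receives
# upstream fixes; when reusing this runbook, substitute a supported release in
# the URL.
cd /var/www/html
nc_url=https://download.nextcloud.com/server/releases/latest-15.tar.bz2
nc_tarball=nextcloud-15-latest.tar.bz2
# -f: fail on an HTTP error instead of saving the error page as the archive.
curl -f -o "$nc_tarball" "$nc_url"
# Refuse to unpack an archive whose SHA-256 does not match the published one.
# Assumes the release directory serves <archive>.sha256 next to the archive -
# confirm. A checksum from the same server only catches corruption; verifying
# the detached PGP signature is the stronger check.
curl -f -o "$nc_tarball.sha256" "$nc_url.sha256"
nc_expected=$(awk '{print $1; exit}' "$nc_tarball.sha256")
nc_actual=$(sha256sum "$nc_tarball" | awk '{print $1}')
if [ -n "$nc_expected" ] && [ "$nc_expected" = "$nc_actual" ]; then
  tar -xvjf "$nc_tarball"
  # NOTE(review): this data directory sits inside the web root and depends on
  # Nextcloud's .htaccess (AllowOverride All) to stay private. A path outside
  # /var/www/html removes that dependency.
  mkdir nextcloud/data
  chown -R apache:apache nextcloud
else
  echo "nextcloud archive failed SHA-256 verification; not extracting" >&2
fi
rm -f "$nc_tarball" "$nc_tarball.sha256"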
# Publish the unpacked tree under the /nextcloud alias. .htaccess overrides
# are allowed and mod_dav is switched off for the directory. Then bring Apache
# up now and on every boot.
cat << 'EOF' > /etc/httpd/conf.d/nextcloud.conf
Alias /nextcloud "/var/www/html/nextcloud/"
<Directory /var/www/html/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/html/nextcloud
SetEnv HTTP_HOME /var/www/html/nextcloud
</Directory>
EOF
for httpd_action in start enable; do
  systemctl "$httpd_action" httpd
done
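#### Web Install NextCloud
# Complete the browser installer first: http://YOUR_IP_ADDRESS/nextcloud/
# NOTE(review): that URL is plain HTTP, so the admin and database passwords
# typed into the installer cross the network unencrypted. Run this step from a
# trusted network.

# Add the Redis cache settings to config.php, which the installer creates.
nc_config=/var/www/html/nextcloud/config/config.php
# Skip the edit when the settings are already present, so a second run does
# not append a duplicate block.
if ! grep -q "'memcache.locking'" "$nc_config"; then
  # Remove the closing ");" in place. The original wrote an intermediate copy
  # (config.php2) into the web tree; config.php holds the database password
  # and instance secrets, and that copy was created with the default umask.
  sed -i "/^);/d" "$nc_config"
  cat >> "$nc_config" << 'EOF'
'memcache.locking' => '\OC\Memcache\Redis',
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.local' => '\OC\Memcache\Redis',
'redis' => [
'host' => 'localhost',
'port' => 6379,
'timeout' => 3,
],
);
EOF
fi
chown apache:apache "$nc_config"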
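##### set up Hostname
# Overwrites the Alias-based nextcloud.conf with a name-based virtual host.
# Replace YOURDOMAIN.TLD in both places before running. The ServerAdmin
# address was obfuscated on the page and is shown here as a placeholder.
# The heredoc opener and the closing EOF each sit on their own line; with EOF
# sharing a line with </VirtualHost> the heredoc never terminates.
cat > /etc/httpd/conf.d/nextcloud.conf << 'EOF'
<VirtualHost *:80>
ServerName YOURDOMAIN.TLD
ServerAdmin webmaster@YOURDOMAIN.TLD
DocumentRoot /var/www/html/nextcloud
<directory /var/www/html/nextcloud>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
SetEnv HOME /var/www/html/nextcloud
SetEnv HTTP_HOME /var/www/html/nextcloud
</directory>
</VirtualHost>
EOF
# Restart only if the configuration parses, so a typo cannot take the site down.
apachectl configtest && systemctl restart httpd
# Interactive. When asked, choose the redirect option so port 80 only forwards
# to HTTPS.
certbot --apache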
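# Run occ's db:convert-filecache-bigint as the web-server user, so that
# anything occ writes stays owned by apache.
cd /var/www/html/nextcloud/
sudo -u apache /usr/bin/php occ db:convert-filecache-bigint
#### add https strict in apache nextcloud files
# Manual edit, not a shell command: put the block below inside the HTTPS
# (<VirtualHost *:443>) section that certbot generated for this site, then
# restart httpd.
# includeSubDomains applies the policy to every subdomain of the host name, so
# all of them must serve HTTPS for the max-age period (180 days).
#   <IfModule mod_headers.c>
#   Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
#   </IfModule>
#### open Web site
# https://YOURDOMAIN.TLD/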
#### for upgrade version on text mode
# Run the three occ steps in order as the apache user, from the Nextcloud
# directory: status, update:check, then upgrade.
cd /var/www/html/nextcloud
for occ_step in status update:check upgrade; do
  sudo -u apache /usr/bin/php occ "$occ_step"
done